Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 201406-32 ] IcedTea JDK: Multiple vulnerabilities
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Veteran
Veteran


Joined: 12 May 2004
Posts: 1706

PostPosted: Sun Jun 29, 2014 3:26 pm    Post subject: [ GLSA 201406-32 ] IcedTea JDK: Multiple vulnerabilities Reply with quote

Gentoo Linux Security Advisory

Title: IcedTea JDK: Multiple vulnerabilities (GLSA 201406-32)
Severity: high
Exploitable: remote
Date: June 29, 2014
Bug(s): #312297, #330205, #340819, #346799, #352035, #353418, #354231, #355127, #370787, #387637, #404095, #421031, #429522, #433389, #438750, #442478, #457206, #458410, #461714, #466822, #477210, #489570, #508270
ID: 201406-32

Synopsis

Multiple vulnerabilities have been found in the IcedTea JDK, the
worst of which could lead to arbitrary code execution.


Background

IcedTea is a distribution of the Java OpenJDK source code built with
free build tools.


Affected Packages

Package: dev-java/icedtea-bin
Vulnerable: < 6.1.13.3
Unaffected: >= 6.1.13.3
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in the IcedTea JDK. Please
review the CVE identifiers referenced below for details.


Impact

A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, obtain
sensitive information, bypass intended security policies, or have other
unspecified impact.


Workaround

There is no known workaround at this time.

Resolution

All IcedTea JDK users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose ">=dev-java/icedtea-bin-6.1.13.3"
   


References

CVE-2009-3555
CVE-2010-2548
CVE-2010-2783
CVE-2010-3541
CVE-2010-3548
CVE-2010-3549
CVE-2010-3551
CVE-2010-3553
CVE-2010-3554
CVE-2010-3557
CVE-2010-3561
CVE-2010-3562
CVE-2010-3564
CVE-2010-3565
CVE-2010-3566
CVE-2010-3567
CVE-2010-3568
CVE-2010-3569
CVE-2010-3573
CVE-2010-3574
CVE-2010-3860
CVE-2010-4351
CVE-2010-4448
CVE-2010-4450
CVE-2010-4465
CVE-2010-4467
CVE-2010-4469
CVE-2010-4470
CVE-2010-4471
CVE-2010-4472
CVE-2010-4476
CVE-2011-0025
CVE-2011-0706
CVE-2011-0815
CVE-2011-0822
CVE-2011-0862
CVE-2011-0864
CVE-2011-0865
CVE-2011-0868
CVE-2011-0869
CVE-2011-0870
CVE-2011-0871
CVE-2011-0872
CVE-2011-3389
CVE-2011-3521
CVE-2011-3544
CVE-2011-3547
CVE-2011-3548
CVE-2011-3551
CVE-2011-3552
CVE-2011-3553
CVE-2011-3554
CVE-2011-3556
CVE-2011-3557
CVE-2011-3558
CVE-2011-3560
CVE-2011-3563
CVE-2011-3571
CVE-2011-5035
CVE-2012-0497
CVE-2012-0501
CVE-2012-0502
CVE-2012-0503
CVE-2012-0505
CVE-2012-0506
CVE-2012-0547
CVE-2012-1711
CVE-2012-1713
CVE-2012-1716
CVE-2012-1717
CVE-2012-1718
CVE-2012-1719
CVE-2012-1723
CVE-2012-1724
CVE-2012-1725
CVE-2012-1726
CVE-2012-3216
CVE-2012-3422
CVE-2012-3423
CVE-2012-4416
CVE-2012-4540
CVE-2012-5068
CVE-2012-5069
CVE-2012-5070
CVE-2012-5071
CVE-2012-5072
CVE-2012-5073
CVE-2012-5074
CVE-2012-5075
CVE-2012-5076
CVE-2012-5077
CVE-2012-5081
CVE-2012-5084
CVE-2012-5085
CVE-2012-5086
CVE-2012-5087
CVE-2012-5089
CVE-2012-5979
CVE-2013-0169
CVE-2013-0401
CVE-2013-0424
CVE-2013-0425
CVE-2013-0426
CVE-2013-0427
CVE-2013-0428
CVE-2013-0429
CVE-2013-0431
CVE-2013-0432
CVE-2013-0433
CVE-2013-0434
CVE-2013-0435
CVE-2013-0440
CVE-2013-0441
CVE-2013-0442
CVE-2013-0443
CVE-2013-0444
CVE-2013-0450
CVE-2013-0809
CVE-2013-1475
CVE-2013-1476
CVE-2013-1478
CVE-2013-1480
CVE-2013-1484
CVE-2013-1485
CVE-2013-1486
CVE-2013-1488
CVE-2013-1493
CVE-2013-1500
CVE-2013-1518
CVE-2013-1537
CVE-2013-1557
CVE-2013-1569
CVE-2013-1571
CVE-2013-2383
CVE-2013-2384
CVE-2013-2407
CVE-2013-2412
CVE-2013-2415
CVE-2013-2417
CVE-2013-2419
CVE-2013-2420
CVE-2013-2421
CVE-2013-2422
CVE-2013-2423
CVE-2013-2424
CVE-2013-2426
CVE-2013-2429
CVE-2013-2430
CVE-2013-2431
CVE-2013-2436
CVE-2013-2443
CVE-2013-2444
CVE-2013-2445
CVE-2013-2446
CVE-2013-2447
CVE-2013-2448
CVE-2013-2449
CVE-2013-2450
CVE-2013-2451
CVE-2013-2452
CVE-2013-2453
CVE-2013-2454
CVE-2013-2455
CVE-2013-2456
CVE-2013-2457
CVE-2013-2458
CVE-2013-2459
CVE-2013-2460
CVE-2013-2461
CVE-2013-2463
CVE-2013-2465
CVE-2013-2469
CVE-2013-2470
CVE-2013-2471
CVE-2013-2472
CVE-2013-2473
CVE-2013-3829
CVE-2013-4002
CVE-2013-5772
CVE-2013-5774
CVE-2013-5778
CVE-2013-5780
CVE-2013-5782
CVE-2013-5783
CVE-2013-5784
CVE-2013-5790
CVE-2013-5797
CVE-2013-5800
CVE-2013-5802
CVE-2013-5803
CVE-2013-5804
CVE-2013-5805
CVE-2013-5806
CVE-2013-5809
CVE-2013-5814
CVE-2013-5817
CVE-2013-5820
CVE-2013-5823
CVE-2013-5825
CVE-2013-5829
CVE-2013-5830
CVE-2013-5840
CVE-2013-5842
CVE-2013-5849
CVE-2013-5850
CVE-2013-5851
CVE-2013-6629
CVE-2013-6954
CVE-2014-0429
CVE-2014-0446
CVE-2014-0451
CVE-2014-0452
CVE-2014-0453
CVE-2014-0456
CVE-2014-0457
CVE-2014-0458
CVE-2014-0459
CVE-2014-0460
CVE-2014-0461
CVE-2014-1876
CVE-2014-2397
CVE-2014-2398
CVE-2014-2403
CVE-2014-2412
CVE-2014-2414
CVE-2014-2421
CVE-2014-2423
CVE-2014-2427
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum